Hi Gary,
It is odd because you have ":block_connections_on_unverified (false)" which should allow computers with failed SCVchecks to continue to connect. The topology update issue is a valid one. I have mine set for an hour just so I can make local.scv changes and have them propogated no more than an hour later. Search your laptop for the local copy of "local.scv" and see if it matches the one you put on the management station.
Here's an appropriately sanitized local.scv file. The checks are that the Norton/Symantec "rtvscan.exe" anti-virus process is running (or that any program named "rtvscan.exe" is running) and that the screen saver is set, password-protected and not set longer than 15 minutes.
Ray
(SCVObject :SCVNames ( : (user_policy_scv :type (plugin) :parameters ( :dont_enforce_while_connecting (true) ) ) : (BrowserMonitor :type (plugin) :parameters ( :browser_major_version (5) :browser_minor_version (5) :browser_version_operand (">=") :browser_version_mismatchmassage ("A newer Internet Explorer version is required. Please contact the Corporate Help Desk at xxx-xxx-xxxx.") :intranet_download_signed_activex (disable) :intranet_run_activex (disable) :intranet_download_files (disable) :intranet_jave_permissions (disable) :trusted_download_signed_activex (disable) :trusted_run_activex (disable) :trusted_download_files (disable) :trusted_jave_permissions (disable) :internet_download_signed_activex (disable) :internet_run_activex (disable) :internet_download_files (disable) :intranet_jave_permissions (disable) :restricted_download_signed_activex (disable) :restricted_run_activex (disable) :restricted_download_files (disable) :restricted_jave_permissions (disable) :securely_configured_no_active_user (false) :send_log (alert) :internet_options_mismatch_message ("Your Internet browser configuration does not match the organization policy. Proceed as follows:\n1. In the browser, go to Tools > Internet Options > Security.\n2. For each Web content zone select custom level security and disable the following items: DownLoad signed ActiveX, Run Activex Controls, Download Files and Java Permissions.") ) ) : (OsMonitor :type (plugin) :parameters ( :os_version_mismatchmessage ("A newer operating system version is required. Upgrade your operating system.") :enforce_screen_saver_minutes_to_activate (15) :screen_saver_mismatchmessage ("This computer's screen saver configuration does not match our Remote Access policy. It has been automatically blocked from connecting to our network using Remote Access until the screen saver is reconfigured.\n\n If you need to disable the screen saver for a presentation, you can do so as long as you are not using Remote Access at the same time.\n\n In order to restore your Remote Access capability, please set your screen saver as follows:\n\n1. If you are dialed in, disconnect now.\n\n2. Click Start, Settings, Control Panel. Double click the Display icon and select the Screen Saver tab. Pick a screen saver if it is currently set to (None). The Employee News Network screen saver is required by company policy if it is available.\n\n3. Under Wait choose 15 minutes and check Password Protection.\n\n4. Click OK") :send_log (log) :major_os_version_number_9x (4) :minor_os_version_number_9x (10) :os_version_operand_9x (">=") :service_pack_major_version_number_9x (0) :service_pack_minor_version_number_9x (0) :service_pack_version_operand_9x (">=") :major_os_version_number_nt (4) :minor_os_version_number_nt (0) :service_pack_major_version_number_nt (5) :service_pack_minor_version_number_nt (0) :service_pack_version_operand_nt (">=") :major_os_version_number_2k (5) :minor_os_version_number_2k (0) :os_version_operand_2k ("==") :service_pack_major_version_number_2k (0) :service_pack_minor_version_number_2k (0) :service_pack_version_operand_2k (">=") :major_os_version_number_xp (5) :minor_os_version_number_xp (1) :os_version_operand_xp ("==") :service_pack_major_version_number_xp (0) :service_pack_minor_version_number_xp (0) :service_pack_version_operand_xp (">=") :screen_saver_securely_configured_on_no_active_user (false) ) ) : (ProcessMonitor :type (plugin) :parameters ( :rtvscan.exe (true) :begin_admin (admin) :send_log (alert) :mismatchmessage ("Your anti-virus system may be malfunctioning or it may be just a bit slow to start up. If you can see the 'gold shield' near the time, please ignore this message. If you cannot see the shield or it is covered by a red circle-and-slash or has an exclamation point in a circle on top of it, please call the Corporate Help Desk at xxx-xxx-xxxx immediately.") :end (admin) ) ) : (groupmonitor :type (plugin) :parameters ( :begin_or (or1) :begin_and (1) :"builtin\administrator" (false) :"BUILTIN\Users" (true) :end (1) :begin_and (2) :"builtin\administrator" (true) :"BUILTIN\Users" (false) :end (and2) :end (or1) :begin_admin (admin) :send_log (alert) :mismatchmessage ("You are using SecureClient with a non-authorized user.\nMake sure you are logged on as an authorized user.") :securely_configured_no_active_user (false) :end (admin) ) ) : (HotFixMonitor :type (plugin) :parameters ( :begin_or () :11111 (false) :22222 (true) :end () :begin_admin (admin) :send_log (alert) :mismatchmessage ("The organization policy requires that you have a SecureClient with either Q147222 or Q246009 security patches installed. Install either of them.") :end (admin) ) ) : (sc_ver_scv :type (plugin) :parameters ( :Default_SecureClientBuildNumber (52032) :Default_EnforceBuildOperand ("==") :MismatchMessage ("You are not running the latest version of SecureClient. Upgrade your SecureClient.") :EnforceBuild_9X_Operand (">=") :SecureClient_9X_BuildNumber (52030) :EnforceBuild_NT_Operand ("==") :SecureClient_NT_BuildNumber (52032) :EnforceBuild_2K_Operand (">=") :SecureClient_2K_BuildNumber (52032) :EnforceBuild_XP_Operand (">=") :SecureClient_XP_BuildNumber (52032) ) ) ) :SCVPolicy ( : (user_policy_scv) : (OsMonitor) : (ProcessMonitor) ) :SCVGlobalParams ( :block_connections_on_unverified (true) :scv_policy_timeout_hours (24) :enforce_ip_forwarding (true) ) )
_________________________________________________________________ Don’t just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================